EP1775673A2 - Token-Authentifizierungssystem - Google Patents

Token-Authentifizierungssystem Download PDF

Info

Publication number
EP1775673A2
EP1775673A2 EP06255304A EP06255304A EP1775673A2 EP 1775673 A2 EP1775673 A2 EP 1775673A2 EP 06255304 A EP06255304 A EP 06255304A EP 06255304 A EP06255304 A EP 06255304A EP 1775673 A2 EP1775673 A2 EP 1775673A2
Authority
EP
European Patent Office
Prior art keywords
token
cryptographic key
controlled information
manufacturer
password
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP06255304A
Other languages
English (en)
French (fr)
Other versions
EP1775673A3 (de
Inventor
Dwayne Mercredi
Joseph Robinson
Joachim Vance
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Saflink Corp
Original Assignee
Saflink Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Saflink Corp filed Critical Saflink Corp
Publication of EP1775673A2 publication Critical patent/EP1775673A2/de
Publication of EP1775673A3 publication Critical patent/EP1775673A3/de
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates generally to electronically controlled access technologies, and more particularly, to the use of token authentication to control access to protected information and areas.
  • Tokens promote relatively quick access to secured data and other resources. Tokens include objects that are read by an access control device to determine whether a user presenting the token should be given access. As the token holder approaches or otherwise submits the token, the access control device interrogates the token to make the determination.
  • tokens routinely incorporate cryptographic mechanisms for authentication. Encrypted codes are commonly stored within token memory for eventual decryption by the access device. To this end, tokens additionally rely on dedicated processors and/or memory for use during authentication.
  • tokens provide some measure of convenience and security, concerns relating to token implementation persist. For instance, cryptographic information stored in the memory of the token can be accessed and duplicated. Furthermore, while onboard memory and/or processing dedicated to authentication is generally viewed as a practical necessity, these dedicated components nonetheless inflate the cost of implementing a token-based system, which undermines the practicality of token authentication.
  • tokens additionally include a set of generally unalterable data used by manufacturers. Such data includes serial numbers, manufacturer identifier data, time of manufacture, and/or other manufacturer controlled information used for inventory, quality control and other accounting purposes. We have discovered that this manufacturer controlled information may be used to eliminate certain complexities conventionally associated with token authentication.
  • the present invention provides an apparatus, program product and method for enabling token authentication by generating a crytographic key using manufacturer controlled data present on a token.
  • Authentication may thus be simplified by reducing the need for onboard processors and token memory used for authentication. Instead, manufacturer controlled information already on the token is used, minimizing token costs.
  • This feature further allows general purpose tokens already in wide existence to be used, rather than requiring a new special-purpose tokens to be acquired for the specific purpose of authentication.
  • virtually all electronic devices include some manner of manufacturer controlled information, virtually any device having electronically readable data may be used to authenticate a user. For instance, a flash drive may be used as a token.
  • a one-time password algorithm generates a password that can only be used once to authenticate.
  • passwords, user names, and/or other data is used in addition to the manufacturer controlled information for realizing a login in a system that requires multiple factor (multifactor) authentication.
  • the password is stored on the token and is automatically transmitted to the access device, possibly along with the user identifier (ID). This automatic and transparent provision of the password enables a streamlined login without requiring the user to do more than submit the token, i.e., type in a password or user ID.
  • a user may submit a password or biometric to realize a true multifactor authentication.
  • the computer system 10 of Fig. 1 comprises an exemplary access control apparatus 10 configured to enable token authentication by generating a cryptographic key using static, manufacturer controlled information 17 present on the token 12.
  • Typical manufacturer controlled information 17 present on the token 12 includes static, non-writeable/erasable (generally unalterable) data, such as a serial number or manufacturer ID.
  • a computer 20 typically reads the manufacturer controlled information 17 and applies a cryptographic algorithm to determine the secret, cryptographic key.
  • the cryptographic key may comprise or be used to generate a one-time password used to authenticate the token.
  • the portable advantages of traditional token authentications are realized, while the actual cryptographic determinations using the manufacturer controlled information may occur in a computer software module.
  • Fig. 1 more particularly shows a networked computer system that includes a client computer 20 (e.g., lap top, desktop or PC-based computer, workstation, etc.), which may or may not be in communication with a network (not shown).
  • Computer 20 is in electronic communication with the token 12. While such communication may be wireless in some embodiments, the token 12 in Fig. 1 physically connects to a Universal Serial Bus (USB) port 15.
  • Token 12 comprises a general purpose flash drive that includes a small circuit board with a dedicated processor 13 and one or more memory chips 16, all of which are enclosed within a relatively rugged, plastic shell.
  • the flash drive, or memory storage card additionally includes manufacturer controlled information 17, e.g., a serial number.
  • Flash drives typically provide alterable, e.g., erasable, writeable and readable, memory.
  • the onboard processor(s) 13 of the flash drive may provide increased processing power for computers requiring additional processing resources.
  • a USB connector typically protrudes from the flash drive for insertion into the computer's USB port 15.
  • User computer 20 may include: a hard drive 21 and associated central processing unit (CPU), a number of peripheral components such as a computer display 22, a storage device 23, a printer (not shown), and various input devices (e.g., a USB port 15, a mouse 26, keyboard 27, remote token detector 28) to include biometric login devices (fingerprint reader 17, iris scanner 19).
  • CPU central processing unit
  • peripheral components such as a computer display 22, a storage device 23, a printer (not shown)
  • various input devices e.g., a USB port 15, a mouse 26, keyboard 27, remote token detector 28
  • biometric login devices fingerprint reader 17, iris scanner 19
  • Fig. 2 illustrates in greater detail a hardware and software environment for an apparatus 29 suited to enable token authentication by generating a cryptographic key using static, manufacturer controlled information 17 present on the token 34.
  • the apparatus 29 more particularly comprises client and server computers 30, 31 configured to use the manufacturer controlled information 17 to authenticate the token 34.
  • Apparatus 29 may more particularly represent a computer, computer system or other programmable electronic device, including: a client computer 30 (e.g., similar to computer 20 of Fig. 1), a server computer 31, a portable computer, an embedded controller, etc., used to authenticate a token(s) 34 presented by a user.
  • Apparatus 29 will hereinafter also be referred to as a "computer system,” or “computer,” although it should be appreciated that the terms “apparatus” and “access control device” may also include other suitable programmable electronic devices, such as a vault access controller or a controller operating a vehicle ignition switch, among many others. Moreover, while only one server computer 31 is shown in Fig. 2, any number of computers and other devices may be networked through network 18.
  • client computer 30 may alternatively authenticate a token 34 when disconnected from or otherwise in use without the network 38. That is, computers 30 and 31 are configured for either a networked or standalone token authentication. As such, client computer 30 is shown having various memory components that may not be utilized when a network authentication at the server computer 31 is attempted. Conversely, the server computer 31 may not be utilized when a token is authenticated in standalone mode at the client computer 30, i.e., when disconnected from the server computer 31.
  • Computer 30 typically includes at least one processor 43 coupled to a memory 32.
  • Processor 43 may represent one or more processors (e.g., microprocessors), and memory 32 may represent the random access memory (RAM) devices comprising the main storage of computer 30, as well as any supplemental levels of memory, e.g., cache memories, non-volatile or backup memories (e.g., programmable or flash memories), read-only memories, etc.
  • RAM random access memory
  • memory 32 may be considered to include memory storage physically located elsewhere in computer 30, e.g., any cache memory present in processor 43, as well as any storage capacity used as a virtual memory, e.g., as stored within a database 37, or on another computer coupled to computer 30 via network 38.
  • Computer 30 also may receive a number of inputs and outputs for communicating information externally.
  • computer 30 typically includes one or more input devices 33 (e.g., a token detector, a keyboard, a mouse, a trackball, a joystick, a touch pad, iris/fingerprint scanner, and/or a microphone, among others).
  • a token detector comprising the input device 33 may more particularly include a token detector, such as a USB port, a card slot reader, a radio frequency receiver, a transmitter, or a transponder for communicating with one or more tokens 34.
  • the client computer 30 additionally includes a display 39 (e.g., a CRT monitor, an LCD display panel, and/or a speaker, among others). It should be appreciated, however, that with some implementations of the client computer 30, direct user input and output may not be supported by the computer, and interface with the computer may be implemented through a client computer or workstation networked with the client computer 30.
  • a display 39 e.g., a CRT monitor, an LCD display panel, and/or a speaker, among others.
  • computer 30 may also include one or more mass storage devices 36 configured to store a database 37.
  • Exemplary devices 36 can include: a floppy or other removable disk drive, a flash drive, a hard disk drive, a direct access storage device (DASD), an optical drive (e.g., a CD drive, a DVD drive, etc.), and/or a tape drive, among others.
  • computer 30 may include an interface with one or more networks 38 (e.g., a LAN, a WAN, a wireless network, and/or the Internet, among others) to permit the communication of information with other computers coupled to the network 38.
  • networks 38 e.g., a LAN, a WAN, a wireless network, and/or the Internet, among others
  • computer 30 typically includes suitable analog and/or digital interfaces between processor 43 and each of components 32, 33, 36 38 and 39.
  • Computer 30 operates under the control of an operating system 40, and executes various computer software applications, components, programs, objects, modules, e.g., a token authentication program 41, one-time password authentication program 42, password authentication program 44, BIR authentication program 45 and BioAPI 49, among others. While embodiments described herein use a one-time password algorithm 42, one skilled in the art will recognize that other cryptographic algorithms may alternatively or additionally be used.
  • BioAPI program 49 regards a programming interface supplied by biometric service providers that provides enrollment and verification services for installed biometric devices (e.g., iris or fingerprint scanner, and/or a microphone, among others).
  • Various applications, components, programs, objects, modules, etc. may also execute on one or more processors in another computer coupled to computer 30 via a network 38, e.g., in a distributed or client-server computing environment, whereby the processing required to implement the functions of a computer program may be allocated to multiple computers over a network.
  • the memory 32 shown in Fig. 2 includes various data components that may be utilized by the programs to accomplish a token authentication. As with other memory components described herein, the data may be stored locally as shown in Fig. 2, or may alternatively be remotely accessed. Examples of such data include a counter 43 that may be incremented after each successful authentication. While the counter 43 shown in Fig. 2 has particular application with the one-time password algorithm 42, one skilled in the art will appreciate that another embodiment alternatively incorporates a clock mechanism for use with one-time password authentication processes.
  • a random diversifier 46 used to alter the manufacturer controlled information 48, 57, 67.
  • a random diversifier 46 may comprise a sequence of numbers and/or characters that program code at the client computer will read and include in the copy of the read manufacturer controlled information 57. Because the manufacturer controlled information of the token can typically not be changed, the random diversifier 46 effectively allows the different manufacturer controlled information to be varied. As such, a read/transmitted copy of a serial number of a flash drive may be altered from the actual sequence of the serial number. While the client computer 30 will typically perform the modification of the manufacturer controlled information 57 using the random diversifier 46, program code executed on the token 34 may affect the modification in another embodiment.
  • stored data may include a copy of a cryptographic key 41 for comparison to a key dynamically determined by authentication program(s) using, in part, token manufacturer controlled information 57.
  • Stored manufacturer controlled information 48 matching manufacturer controlled information 57 of the token may be accessed during authentication.
  • a system user may authenticate without a password.
  • Other embodiments may incorporate multifactor authentication by including a password or biometric data.
  • submission of a password in addition to a token requires an attacker to compromise both the user's password and the token.
  • a default password 55 may be read from the token 34 and/or be forwarded by the client computer 30 to the server computer 31.
  • a USB drive may support an additional factor of authentication through a fingerprint or other biometric submission.
  • USB drives may be enhanced to provide additional protection for authentication.
  • One such enhancement may include a device that is completely inaccessible until a biometric is provided to unlock the device. This kind of functionality can provide a certain amount of protection from denial of service attacks and device cloning when the device is not in use by the user.
  • the password 55 may comprise a default password that is automatically passed onto the server computer 31.
  • the password 55 may comprise a password automatically received from the token 34, a password typed in by a user, or a default password 71 automatically forwarded by the client computer 30.
  • a password flag 72 may be used to programmatically require a password to be entered by the user. This feature allows the password required policy to be verified without having to retrieve a policy from a server.
  • a failed attempts count 73 sets a limit to the number of unsuccessful attempts that can occur before suspending future authentications with a given token.
  • a look ahead/behind count 75 may be used to authenticate and re-synchronize the counter 43, as well as to detect possible attempts to unlawfully access a resource using a falsified token. For instance, a compromised key may be detected when the counter 52 on the token 34 is older (lower) than the counter 43 on an authenticating computer 30.
  • the exemplary token 34 shown in Fig. 2 includes manufacturer controlled information 57 that may be used by either or both the client and server computers 30, 31 during authentication.
  • Manufacturer controlled information 57 is typically static, or unchanging, such as a serial number 56 and/or a manufacturer identifier 58 conventionally manufactured with a flash drive.
  • the client or server computer 30, 31 may dynamically generate a cryptographic key using this manufacturer controlled information 57 received from the token 34.
  • the token 34 may include a memory 50, which in addition to functional data that may vary per application specifications, e.g., additional memory or programming for client computer 30, includes data components used during token authentication.
  • the token 34 includes a random diversifier 51, or sequence of data values, which is used by the client computer 30 to programmatically scramble or otherwise alter the manufacturer controlled information 48, 57, 67.
  • different values of the random diversifier 51 may be interspersed within the manufacturer controlled information 57 read from the token 34.
  • a typical random diversifier may include a 32-byte value (256 bits).
  • the random diversifier 51 may be generated and written to the token 34 along with an initial counter value 52.
  • the user name 53 may also be established at this time and may be likewise written to the token 34.
  • the secret, cryptographic key is typically generated in real time using the manufacturer controlled information 57 and the random diversifier 51.
  • the random diversifier 69 represents another crytpographic feature of the embodiment.
  • another embodiment may alternatively or additionally incorporate other cryptographic mechanisms and processes known in the art.
  • the counter 52 may be maintained within memory 50 of the token 34 for use with the one-time password program 42.
  • An exemplary counter 52 may include an eight byte value.
  • a corresponding counter(s) 43, 66 is also stored on the authenticating computer 30, 31 and is updated with every one-time password calculation. While not shown in Fig. 2, one skilled in the art will appreciate that a clock mechanism could be substituted for the counter 52 in an embodiment where the one-time password relied on time readings from a clock, rather than on a counter implementation.
  • the counter 52 is used to calculate the one-time password.
  • a one-time password algorithm generates a password that can only be used once to authenticate.
  • the token includes manufacturer controlled information 57 used by the server computer 31 to determine a one-time password.
  • the system 10 may additionally use a secret and changing parameter such as a counter 52 or clock (not shown) to calculate the one-time password.
  • the server computer 31 also uses its copy of the manufacturer controlled information 67 and a previously synchronized copy of the changing counter 66. If the one-time password from the user and the server match (assuming the changing password parameter is within a certain range), then the authentication is valid.
  • One example of a one-time password algorithm having particular application with an embodiment is the Open AuTHentication (OATH) algorithm.
  • the one-time password determination typically occurs in computer software executing remotely from the token 34.
  • the cryptographic key 70 is typically deleted from computer memory 62 after its determination.
  • Other techniques known in the art for preventing the key 70 from being copied to paged memory may also be utilized.
  • the token 34 may additionally provide for streamlined authentication.
  • the token 34 may include a stored user ID 53 and/or password 55 that is automatically received by the client computer 30.
  • the user password is typically stored as a salted hashed value.
  • a hash is a numerical value of fixed length that unequivocally identifies files of arbitrary length.
  • a salted hash adds a random value to each password.
  • the salt is typically stored along side the salted hash.
  • a streamlined authentication may be realized transparently to the user. That is, the user may only be aware that they have plugged a flash drive into a USB port, and may thus remain unburdened with actively having to submit a conventional multifactor authentication.
  • the client computer 30 may automatically submit its own copy of a password to the server computer 31 to accomplish a transparent multifactor authentication.
  • a setting of a password flag 57 stored on the token 34 may alternatively prompt the computer 30 to require the user to actively submit a Personal Identification Number (PIN) or other password.
  • PIN Personal Identification Number
  • a token for purposes of the specification may include any portable device having computer-readable manufacturer controlled information.
  • the token 34 may include a processor 49.
  • the token 34 may include its own receiver and/or transmitter. Suitable tokens may comprise passive or actively transmitting tokens.
  • Tokens of other embodiments may include memory having random code, e.g., a random diversifier, which may be used independently of any manufacturer controlled data to generate a cryptographic key. As such, the random diversifier may be processed in a manner analogous to the manufacturer controlled data.
  • the server computer 31 may include many of the same or similar components as included in the client computer 30.
  • the server computer 31 may include: a processor(s) 60, a memory 62, BIR Authentication program 64, a counter 66, copies of manufacturer controlled information 67 matching the token(s)' 34, one-time password(s) 68, copy of random diversifier 69, cryptographic key(s) 70, a password authentication program 74, BioAPI 76, an operating system 77, password(s) 79, a password flag 80, an audit log 81, and a re-synchronization flag 82, as well as a look ahead and/or look behind program 83.
  • routines utilized to authenticate a token using manufacturer controlled information 57 present on the token 34.
  • routines executed to implement the embodiments of the invention whether implemented as part of an operating system or a specific application, component, program, object, module or sequence of instructions will be referred to herein as "programs," or simply "program code.”
  • the programs typically comprise one or more instructions that are resident at various times in various control device memory and storage devices. When a program is read and executed by a processor, the program causes the access control device to execute steps or elements embodying the various aspects of the invention.
  • the flowchart 100 of Fig. 3 includes steps for enabling token authentication using manufacturer controlled information read from a token 34.
  • the steps of the flowchart 100 more particularly show an exemplary sequence of steps taken from the respective perspectives of both a client and server computer 30, 31 during authentication.
  • the client computer 30 receives the token 34.
  • a USB port 15 of the client computer 30 may receive a plug component of a flash drive.
  • the client computer 30 wirelessly receives information from the token 34 via a token sensor 38.
  • the client computer 30 Upon receiving the token 34, the client computer 30 reads or otherwise receives manufacturer controlled information 57 at block 104 of Fig. 3. For instance, the client computer 30 may read a serial number 56 or manufacturer identifier 58 from a flash drive.
  • Manufacturer controlled information 57 is typically fixed by the token manufacturer and is generally static and read-only. Manufacturer controlled information thus may not include stored crytographic keys or passwords used for authentication. Due to its fixed nature, the manufacturer controlled information 57 may remain the same irrespective of what machine receives it. That is, the manufacturer controlled information 57 typically remains the same even when the token 34 is inserted into different operating systems.
  • the client computer 30 may retrieve or otherwise receive at block 106 of Fig. 3 from memory 50 the random diversifier 51 from the token 34. Because it may be desirable to not be tied to one secret, the system 10 uses the random diversifier 51 to generate the crytographic data. Copies of the random diversifier 51 and 69 may be stored on both the token 34 and the server computer 31. Using the random diversifier 51 in this way enables variation of the secret despite the unchanging nature of the device ID or other token manufacturer controlled information 57.
  • the client computer 30 may similarly receive at block 108 the current token count from the counter 52 of the token 34. At block 110, the client computer 30 increments or otherwise updates the counter 52 of the token 34.
  • the client computer 30 determines at block 112 the cryptographic key. More particularly, the client computer 30 may process its copy of the random diversifier 46 and the manufacturer controlled information 57 using a cryptographic algorithm. The computer 30 thus dynamically applies a crytographic algorithm to the token manufacturer controlled information 57 to determine a key. In turn, the computer 30 may use the cryptographic key to determine the one-time password at block 114.
  • the client computer 30 may prompt and receive such data at block 118.
  • the computer 30 may read a default password from the token 34, and/or may receive a password or biometric actively submitted by a user.
  • the determined one-time password and any multifactor data are sent to and received by the server computer 31 respectively at blocks 120 and 122 of Fig. 3.
  • Fig. 3 shows an interaction between a client and server computer
  • steps designated as being executed by the server computer 31 in Fig. 3 could alternatively be accomplished by the client computer 30 in a stand-alone authentication process, i.e., where the client computer 30 is not networked to the server computer 31.
  • the server computer 31 determines at block 124 the one-time password using its own copy of the manufacturer controlled information 67 and random diversifier 69. For instance, the server computer 31 may recall the secret key from storage. In another embodiment, the computer 31 will apply the same crytographic algorithm 74 as used at the client computer 30 to determine the secret key and one-time password. If at block 126 the one-time password determined from using the token information matches the one-time password determined by (using the server information 67, 69) or stored at the server computer 31, then any multifactor data may next be authenticated at block 130.
  • a two-factor submission to the server computer 31 may comprise a string that is a concatenation of the one-time password and the password 55. Additional data may be used, but is not necessary, to separate the one-time password and the password 55 in the multifactor submission, or two-factor password.
  • the server computer 31 may accept the concatenated multifactor submission as a plain text value.
  • the one-time password and password 55 are typically not transmitted as hashed values in the multifactor submission.
  • This feature allows a system 10 to use any user name/password authentication mechanism as a carrier for a one-time password and the password authentication data.
  • the system 10 could make use of a web-based password authentication to transmit the multifactor submission to the server. Having no separator may allow the multifactor submission to be compatible with other known one-time password deployments.
  • the user name and multifactor submission will typically be encrypted and digitally signed for transit to the server computer 31 such that the server computer 31 may validate the integrity of the data transmitted and detect replay attempts.
  • the server computer 31 may determine the one-time password from the secret and the counter. In another embodiment, the server computer 31 may calculate a one-time password value based on the user's one-time secret, the current counter value 66, and the one-time password parameters, i.e, manufacturer controlled information 67 and random diversifier 69. In any case, the number of characters in the calculated one-time password will be compared against the same number of characters in the first part of the multifactor submission passed to the server computer 31. If they match, then the one-time password sent from the client is valid. Next, the remaining characters in the multifactor submission are treated as the user password 55, e.g. PIN. This data may be salted and hashed following the method that the stored user PIN was hashed and compared against the stored user PIN. If they match, then the correct one-time password/PIN multifactor submission was provided from the client, and both authentication factors are valid.
  • PIN personal information
  • Fig. 4 is a flowchart 150 having steps for re-synchronizing a counter 66 used in a one-time password authentication.
  • the server computer's counter 66 is generally only incremented in response to a successful one-time password authentication.
  • the token's counter 52 may be incremented when not in communication with the server computer 31, i.e., during a disconnected authentication. As such, the counters 52, 66 may become out of step.
  • the system 10 may presume in response to an unsuccessful authentication that the counters 52, 66 are out of synchronicity.
  • the server computer 31 may determine at block 154 a look-ahead value. For example, the server computer 31 may determine one or more one-time password values by incrementally using counter values that are higher the present counter value 66. A look-ahead parameter for calculating the maximum number of next one-time password server values may range per application specifications. For example, the server computer 31 may calculate one hundred look-ahead, one-time password values. If a match can be determined at block 156 between a look-ahead value and the submitted one-time password, then the counter 66 may be reset at block 158. For example, the server computer's counter 66 may be set to the client computer's counter 43, plus one. An audit log 81 may additionally be updated at block 160.
  • the server computer 31 may increment at block 162 the failed attempts 73 or 84.
  • a maximum fail parameter may be low by design, e.g., 3-5.
  • the server computer 31 may additionally set the re-synchronization flag at block 164 and initiate re-authentication processes at block 166. Exemplary re-authentication processes may include ensuring that the client computer 30 counter 52 is higher than the counter 66 of the server computer 31, as well as that the one-time password value sent from the client computer 30 matches a one-time password determination accomplished by the server computer 31 using the client computer's counter 43.
  • the system 10 may evaluate failed authentication attempts to determine if a token has been compromised.
  • the counter 52 of the token 34 will not have been modified.
  • the server computer 31 can consequently detect that a submitted one-time password was previously used.
  • the system 10 may determine that the counter 66 of the server computer 31 is larger than the counter 43 of the client computer 30 (or token).
  • the server computer 31 can then take counter measures, such as locking out the token and logging that a potential compromise has occurred.
  • the server computer 31 and/or client computer 30 may include a look-behind algorithm 83 or storage of previous one-time passwords for determining if a one-time password has been used previously.
  • a look-behind parameter for calculating previously used one-time passwords may vary per application specifications, e.g., corresponding to 50 counter values.
  • a look-behind sequence used to determine a potential token compromise may include determining that a one-time password match has occurred using an older counter value, e.g., the counter on the computer is higher than the token counter value.
  • the cryptographic data is assumed to have been compromised because the counter value of the token will never count backwards.
  • the match is thus likely to be the result of an attacker using a cloned token.
  • the lower token value may thus be the result of such an attacker using the secret and the counter value previously, then later re-attempting where the counter value has not been incremented.
  • exemplary steps of Fig. 4 are mostly discussed in a context of a server computer 31, one skilled in the art will appreciate that the client computer 30 may alternatively execute these or similar steps in a stand-alone configuration.
  • the present invention provides an apparatus, program product and method for enabling token authentication by generating a cryptographic key using manufacturer controlled information present on a token.
  • a computer typically reads the manufacturer controlled information and applies a cryptographic algorithm to determine the secret, cryptographic key.
  • the cryptographic key may comprise or be used to generate a one-time password used to authenticate the token.
  • token authentication may be accomplished in the absence of memory or processors on the token that are dedicated to the authentication process, itself. This feature reduces token hardware requirements and associated manufacturing expenses. Moreover, criminals may not know to look to manufacturer controlled information as a component of an authentication system.
  • Certain embodiments incorporate passwords, user names, and/or other data in addition to the manufacturer controlled information for realizing multiple factor (multifactor) authentication.
  • the password is stored on the token and is automatically transmitted to the access device, possibly along with the user identifier (ID). This automatic and transparent provision of the password enables a multifactor login without requiring the user to do more than submit the token, i.e., type in a password or user ID.
  • the cryptographic key is not stored directly on the token, it cannot be read from the token, e.g. to create a cloned token. Secret data is thus not stored in the clear where it may be readily copied. Instead, the cryptographic data is determined separately from the token. Conversely, exposure of the cryptographic key on the server is limited by virtue of the manufacturer controlled information being stored separately on the token.
  • a token may include any portable device having computer-readable manufacturer controlled information. This feature obviates the conventional requirement of including onboard memory and/or processors required for authentication, and broadens the types of devices that may comprise tokens.
  • an access control device may comprise any device having electronic access controls, to include not only computers, but networks, buildings, handheld devices, etc.
  • a token may comprise virtually any computer-readable device, to include not only a flash drive, but Compact Flash memory, a SDcard, a magnetic stripe card, a wireless device, a headset, a handheld PDA, a cellular telephone, an audio player, a magnetic strip card, an iPod, a digital camera, a portable printer, a keyboard, a computer mouse, etc.
  • Embodiments of the present invention can thus work over any wired or wireless (e.g. Bluetooth, WiFi, RF, etc.) connection.
  • random data stored within memory e.g., a random diversifier, may be used to authenticate in a manner analogous to that of the manufacturer controlled data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
EP06255304A 2005-10-17 2006-10-16 Token-Authentifizierungssystem Withdrawn EP1775673A3 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11/252,040 US20070101152A1 (en) 2005-10-17 2005-10-17 Token authentication system

Publications (2)

Publication Number Publication Date
EP1775673A2 true EP1775673A2 (de) 2007-04-18
EP1775673A3 EP1775673A3 (de) 2007-05-09

Family

ID=37697965

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06255304A Withdrawn EP1775673A3 (de) 2005-10-17 2006-10-16 Token-Authentifizierungssystem

Country Status (2)

Country Link
US (1) US20070101152A1 (de)
EP (1) EP1775673A3 (de)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2442249A (en) * 2007-02-20 2008-04-02 Cryptomathic As Generating dynamic passwords
EP2151795A1 (de) * 2008-08-08 2010-02-10 France Telecom Sichere elektronische Couponlieferung an eine mobile Vorrichtung
WO2010022274A1 (en) * 2008-08-20 2010-02-25 Esther Finale LLC Data packet generator for generating passcodes
SG158757A1 (en) * 2008-07-10 2010-02-26 Fast And Safe Technology Pte L Method and apparatus for protecting data in computers
CN101309268B (zh) * 2008-05-21 2011-04-27 北京飞天诚信科技有限公司 防止误触发的动态令牌及其控制方法
US8707049B2 (en) 2007-08-20 2014-04-22 Feitian Technologies Co., Ltd. Authentication method and key device
WO2014106031A1 (en) * 2012-12-28 2014-07-03 Vasco Data Security, Inc. Remote authentication and transaction signatures
WO2017087497A1 (en) * 2015-11-19 2017-05-26 Robert Bosch Gmbh Secure access control to an embedded device through a networked computer
CN111698089A (zh) * 2019-03-12 2020-09-22 恩智浦有限公司 使用装置组标识令牌的证书供应和客户绑定机制
US11184168B2 (en) * 2016-02-19 2021-11-23 Nec Corporation Method for storing data on a storage entity

Families Citing this family (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8281136B2 (en) * 2005-10-21 2012-10-02 Novell, Inc. Techniques for key distribution for use in encrypted communications
EP1833219B1 (de) * 2006-03-08 2014-10-08 Monitise Limited Verfahren, Vorrichtung und Software für die Verwendung eines Tokens zur Ermittlung eines temporären Passworts in einem Mobiltelefon
JP2007249805A (ja) * 2006-03-17 2007-09-27 Internatl Business Mach Corp <Ibm> 電子認証方法及び電子認証システム
JP4259589B2 (ja) * 2006-05-09 2009-04-30 セイコーエプソン株式会社 電子機器、アクセス制御方法
JP4247724B2 (ja) * 2006-05-19 2009-04-02 セイコーエプソン株式会社 ストレージドライバ、電子機器、アクセス制御方法
CN101454785A (zh) * 2006-05-30 2009-06-10 Nxp股份有限公司 密码认证方法
DE102006034536A1 (de) * 2006-07-26 2008-01-31 Carl Zeiss Meditec Ag Verfahren zum Erzeugen von Zugangsdaten für ein medizinisches Gerät
CA2569355C (en) * 2006-11-29 2014-10-14 Diversinet Corp. System and method for handling permits for user authentication tokens
US20080143476A1 (en) * 2006-12-14 2008-06-19 The Hong Kong Polytechnic University Physimetric authentication of physical object by digital identification (DID)
US8281375B2 (en) 2007-01-05 2012-10-02 Ebay Inc. One time password authentication of websites
US8543829B2 (en) 2007-01-05 2013-09-24 Ebay Inc. Token device re-synchronization through a network solution
FR2916881B1 (fr) * 2007-05-31 2010-09-17 Oberthur Card Syst Sa Entite electronique portable, station hote et procede associe
US8281147B2 (en) * 2007-06-21 2012-10-02 Microsoft Corporation Image based shared secret proxy for secure password entry
KR100954223B1 (ko) * 2007-11-22 2010-04-21 한국전자통신연구원 Rtc를 이용하는 암호시스템간 보안 통신 방법 및 장치
US8353015B2 (en) * 2008-01-09 2013-01-08 Microsoft Corporation Trusted internet identity
WO2009092105A2 (en) * 2008-01-18 2009-07-23 Tekelec Systems, methods and computer readable media for application-level authentication of messages in a telecommunications network
US8660268B2 (en) * 2008-04-29 2014-02-25 Red Hat, Inc. Keyed pseudo-random number generator
US9258113B2 (en) 2008-08-29 2016-02-09 Red Hat, Inc. Username based key exchange
US8578473B2 (en) * 2009-03-25 2013-11-05 Lsi Corporation Systems and methods for information security using one-time pad
US20100250968A1 (en) * 2009-03-25 2010-09-30 Lsi Corporation Device for data security using user selectable one-time pad
US8800017B2 (en) * 2009-05-29 2014-08-05 Ncomputing, Inc. Method and apparatus for copy protecting a digital electronic device
US20110047610A1 (en) * 2009-08-19 2011-02-24 Keypair Technologies, Inc. Modular Framework for Virtualization of Identity and Authentication Processing for Multi-Factor Authentication
US9225526B2 (en) * 2009-11-30 2015-12-29 Red Hat, Inc. Multifactor username based authentication
FR2968799B1 (fr) * 2010-12-09 2013-01-11 Oberthur Technologies Procede et dispositif de controle d'execution pour des fonctions internes et des applications protegees embarquees dans des cartes a microcircuits pour terminaux mobiles
US8683562B2 (en) 2011-02-03 2014-03-25 Imprivata, Inc. Secure authentication using one-time passwords
US8868921B2 (en) * 2011-07-20 2014-10-21 Daon Holdings Limited Methods and systems for authenticating users over networks
US8839399B2 (en) * 2012-03-30 2014-09-16 International Business Machines Corporation Tenant driven security in a storage cloud
US9106405B1 (en) * 2012-06-25 2015-08-11 Amazon Technologies, Inc. Multi-user secret decay
US20140067687A1 (en) * 2012-09-02 2014-03-06 Mpayme Ltd. Clone defence system for secure mobile payment
US20140258108A1 (en) * 2013-03-11 2014-09-11 Mastercard International Incorporated Systems and methods for product authentication and consumer relationship management
US9213820B2 (en) * 2013-09-10 2015-12-15 Ebay Inc. Mobile authentication using a wearable device
SG2013093059A (en) * 2013-12-12 2015-07-30 Vorsz One Pte Ltd Method and system for encryption and/or decryption
WO2015167544A1 (en) * 2014-04-30 2015-11-05 Hewlett-Packard Development Company, Lp Verification request
US9679152B1 (en) 2014-07-24 2017-06-13 Wells Fargo Bank, N.A. Augmented reality security access
SG10201500276VA (en) * 2015-01-14 2016-08-30 Mastercard Asia Pacific Pte Ltd Method and system for making a secure payment transaction
JP6516009B2 (ja) * 2015-07-10 2019-05-22 富士通株式会社 機器認証システム、管理装置及び機器認証方法
US9552181B1 (en) 2016-04-22 2017-01-24 Xerox Corporation Method and apparatus for authorizing a print device to perform a service
US20180336554A1 (en) * 2017-05-17 2018-11-22 Douglas H. Trotter Secure electronic transaction authentication
KR101946634B1 (ko) * 2017-07-04 2019-05-08 김덕우 비밀번호 입력 시스템
CN107979472A (zh) * 2017-12-01 2018-05-01 江苏乐希科技有限公司 一种密码锁系统以及认证方法
US11089013B2 (en) 2018-09-14 2021-08-10 International Business Machines Corporation Enhanced password authentication across multiple systems and user identifications
JP2022502901A (ja) 2018-10-02 2022-01-11 キャピタル・ワン・サービシーズ・リミテッド・ライアビリティ・カンパニーCapital One Services, LLC 非接触カードの暗号化認証のためのシステムおよび方法
US10581611B1 (en) * 2018-10-02 2020-03-03 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards
CN110177124B (zh) * 2019-06-20 2022-02-25 深圳市迅雷网络技术有限公司 基于区块链的身份认证方法及相关设备
US11336438B2 (en) * 2020-03-31 2022-05-17 EMC IP Holding Company LLC Remote approval and execution of restricted operations
US12495042B2 (en) 2021-08-16 2025-12-09 Capital One Services, Llc Systems and methods for resetting an authentication counter
US11949716B2 (en) 2022-01-31 2024-04-02 Bank Of America Corporation System for secure channel selection for multi-factor authentication using non-fungible electronic resources

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5491752A (en) * 1993-03-18 1996-02-13 Digital Equipment Corporation, Patent Law Group System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens
JP2000276445A (ja) * 1999-03-23 2000-10-06 Nec Corp バイオメトリクス識別を用いた認証方法、装置、認証実行機、認証プログラムを記録した記録媒体
US7921297B2 (en) * 2001-01-10 2011-04-05 Luis Melisendro Ortiz Random biometric authentication utilizing unique biometric signatures
US7310734B2 (en) * 2001-02-01 2007-12-18 3M Innovative Properties Company Method and system for securing a computer network and personal identification device used therein for controlling access to network components
US20020109578A1 (en) * 2001-02-09 2002-08-15 Hansen Glenn S. Integrated display and identification system and method
US20020165898A1 (en) * 2001-05-03 2002-11-07 Joe Duffy Recipient-determined method for sharing tasks in an advanced electronic messaging/workflow system
US7069444B2 (en) * 2002-01-25 2006-06-27 Brent A. Lowensohn Portable wireless access to computer-based systems
DE10211036A1 (de) * 2002-03-13 2003-10-09 Fujitsu Siemens Computers Gmbh Zugangsschutz
US7299364B2 (en) * 2002-04-09 2007-11-20 The Regents Of The University Of Michigan Method and system to maintain application data secure and authentication token for use therein
US7502933B2 (en) * 2002-11-27 2009-03-10 Rsa Security Inc. Identity authentication system and method
CN1922845B (zh) * 2004-02-23 2010-10-06 弗里塞恩公司 令牌验证系统和方法

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7882553B2 (en) 2007-02-20 2011-02-01 Cryptomathic A/S Authentication device and method
GB2442249B (en) * 2007-02-20 2008-09-10 Cryptomathic As Authentication device and method
GB2442249A (en) * 2007-02-20 2008-04-02 Cryptomathic As Generating dynamic passwords
US8707049B2 (en) 2007-08-20 2014-04-22 Feitian Technologies Co., Ltd. Authentication method and key device
CN101309268B (zh) * 2008-05-21 2011-04-27 北京飞天诚信科技有限公司 防止误触发的动态令牌及其控制方法
SG158757A1 (en) * 2008-07-10 2010-02-26 Fast And Safe Technology Pte L Method and apparatus for protecting data in computers
EP2151795A1 (de) * 2008-08-08 2010-02-10 France Telecom Sichere elektronische Couponlieferung an eine mobile Vorrichtung
US10102509B2 (en) 2008-08-08 2018-10-16 Orange Secure electronic coupon delivery to mobile device
WO2010022274A1 (en) * 2008-08-20 2010-02-25 Esther Finale LLC Data packet generator for generating passcodes
US8351408B2 (en) 2008-08-20 2013-01-08 Daigle Mark R Data packet generator for generating passcodes
WO2014106031A1 (en) * 2012-12-28 2014-07-03 Vasco Data Security, Inc. Remote authentication and transaction signatures
US9124433B2 (en) 2012-12-28 2015-09-01 Vasco Data Security, Inc. Remote authentication and transaction signatures
WO2017087497A1 (en) * 2015-11-19 2017-05-26 Robert Bosch Gmbh Secure access control to an embedded device through a networked computer
US10057070B2 (en) 2015-11-19 2018-08-21 Robert Bosch Tool Corporation Secure access control to an embedded device through a networked computer
US11184168B2 (en) * 2016-02-19 2021-11-23 Nec Corporation Method for storing data on a storage entity
CN111698089A (zh) * 2019-03-12 2020-09-22 恩智浦有限公司 使用装置组标识令牌的证书供应和客户绑定机制

Also Published As

Publication number Publication date
EP1775673A3 (de) 2007-05-09
US20070101152A1 (en) 2007-05-03

Similar Documents

Publication Publication Date Title
EP1775673A2 (de) Token-Authentifizierungssystem
KR102138283B1 (ko) 하나의 장치를 이용하여 다른 장치를 언로크하는 방법
CN111034120B (zh) 基于身份信息的加密密钥管理
US7603565B2 (en) Apparatus and method for authenticating access to a network resource
US9003516B2 (en) System and method for encrypted smart card pin entry
US9118467B2 (en) Generating keys using secure hardware
US8572392B2 (en) Access authentication method, information processing unit, and computer product
US20160005032A1 (en) Method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors
US11831752B2 (en) Initializing a data storage device with a manager device
WO2021141620A1 (en) Remote grant of access to locked data storage device
JP2000357156A (ja) 認証シード配布のためのシステムおよび方法
WO2007112023A2 (en) Secure biometric processing system and method of use
EP3480718B1 (de) System und verfahren zum erleichtern der authentifizierung über einen drahtlosen token mit kurzer reichweite
US11265152B2 (en) Enrolment of pre-authorized device
WO2021141619A1 (en) Recovery key for unlocking a data storage device
JP2019506789A (ja) パスコード検証のためのフォワードセキュア型暗号技術を使用した方法、システム、及び装置。
JPH11306088A (ja) Icカードおよびicカードシステム
WO2021141618A1 (en) Multi-role unlocking of a data storage device
KR101583514B1 (ko) 지문센서와 장착식 스마트 카드와 메모리 카드를 구비한 유에스비 보안장치 및 그 보안 방법
US12118103B2 (en) Certificates in data storage devices
KR101256373B1 (ko) 장착식 스마트 카드와 메모리 카드를 구비한 유에스비 보안장치 및 그 보안 방법
JP7555553B1 (ja) 情報端末、情報処理システム、コンピュータプログラム及び情報処理方法
EP4485237A1 (de) Verfahren zur sicheren überprüfung eines passworts für eine client-anwendung auf einer client-vorrichtung
US12101418B2 (en) Cryptographic keys for authorization requests from a data storage device
WO2024173605A1 (en) Authentication system and method for windows systems

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR MK YU

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR MK YU

AKX Designation fees paid
REG Reference to a national code

Ref country code: DE

Ref legal event code: 8566

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20071110